package yyy.ab.modules.security.handler;

import cn.hutool.http.HttpUtil;
import org.springframework.security.access.AccessDeniedException;
import org.springframework.security.web.access.AccessDeniedHandler;
import org.springframework.stereotype.Component;
import yyy.ab.common.core.ResultBean;
import yyy.ab.common.utils.ResponseUtil;
import yyy.ab.common.utils.StringUtils;
import yyy.ab.common.utils.http.HttpUtils;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;

/**
 * 自定义权限拒绝处理类
 */
@Component
public class AbAccessDeniedHandler implements AccessDeniedHandler {
    @Override
    public void handle(HttpServletRequest request, HttpServletResponse response, AccessDeniedException accessDeniedException) throws IOException, ServletException {
        response.setCharacterEncoding("utf-8");
        if (HttpUtils.isAjax(request)) {
            ResponseUtil.out(response, ResultBean.errorMsg("抱歉，您没有访问权限"));
        } else {
            response.sendRedirect("/403");
        }
    }
}
